Enterprises shift to software -based pentitetting

The latest Pentera Penttetesting State Report reveals that over 50 percent of CISO enterprises now report using software -based pentesting to support their home testing practices.

Based on research conducted by Global Survez, the report notes that 50 percent of CISO now identify software -based testing as a major method for detecting exploitable gaps within their organizations.

Among the other findings of the report, 67 percent of enterprises have reported a violation in the last 24 months and 76 percent of CISOS report a significant impact after a violation. 36 percent report unplanned downtime, 30 percent cite data exposure, and 28 percent have experienced financial losses.

Penttetesting increasingly represents a significant portion of security budgets as well. US enterprises share an average of $ 187,000 per year for pentesting, comprising 11 percent of their total IT security budgets, which on average $ 1.77 million.

It is interesting that cyber insurance providers are running the adoption of technology, 59 percent of enterprises say they have adopted at least a new security solution they did not previously consider at the request of their cyber insurance provider.

“The rhythm of change in enterprise environments has made traditional methods of unstable testing,” says Jason Mar-Tang, CISO Field in Pentera. “96 percent of organizations are making changes to their at least three -month IT environment. Without automation and technology -driven certificate, it is almost impossible to continue. Report findings strengthen the need for scaling scaling strategies that meet the speed and complexity of today’s environments.”

The full report of the Pentesting 2025 report is available from the Pentera page.

Image loan: Josepalbert13/Dreamstime.com